Veritas NetBackup™ Administrator's Guide, Volume I
- Section I. About NetBackup
- Section II. Configuring hosts
- Configuring Host Properties
- About the NetBackup Host Properties
- Access Control properties
- Bandwidth properties
- Busy File Settings properties
- Client Attributes properties
- Client Settings properties for UNIX clients
- Client Settings properties for Windows clients
- Data Classification properties
- Default Job Priorities properties
- Encryption properties
- Exchange properties
- Exclude Lists properties
- Fibre Transport properties
- Firewall properties
- General Server properties
- Global Attributes properties
- Logging properties
- Login Banner Configuration properties
- Media properties
- Network Settings properties
- Port Ranges properties
- Preferred Network properties
- Resilient Network properties
- Restore Failover properties
- Retention Periods properties
- Scalable Storage properties
- Servers properties
- SharePoint properties
- SLP Parameters properties
- Throttle Bandwidth properties
- Universal Settings properties
- User Account Settings properties
- Configuration options for NetBackup servers
- THROTTLE_BANDWIDTH option for NetBackup servers
- Configuration options for NetBackup clients
- IGNORE_XATTR option for NetBackup clients
- VXSS_NETWORK option for NetBackup clients
- Configuring server groups
- Configuring host credentials
- Managing media servers
- Configuring Host Properties
- Section III. Configuring storage
- Configuring disk storage
- Configuring robots and tape drives
- About configuring robots and tape drives in NetBackup
- Adding a robot to NetBackup manually
- Managing robots
- Adding a tape drive to NetBackup manually
- Adding a tape drive path
- Correlating tape drives and SCSI addresses on Windows hosts
- Correlating tape drives and device files on UNIX hosts
- Managing tape drives
- Performing device diagnostics
- Configuring tape media
- About NetBackup volume pools
- About WORM media
- About adding volumes
- Configuring media settings
- Media settings options
- Media type (new media setting)
- Media settings options
- About barcodes
- Configuring barcode rules
- Configuring media ID generation rules
- Adding volumes by using the Actions menu
- Configuring media type mappings
- Managing volumes
- About exchanging a volume
- About frozen media
- About injecting and ejecting volumes
- About rescanning and updating barcodes
- About labeling NetBackup volumes
- About moving volumes
- About recycling a volume
- Managing volume pools
- Managing volume groups
- Inventorying robots
- About showing a robot's contents
- About updating the NetBackup volume configuration
- About the vmphyinv physical inventory utility
- Configuring storage units
- About the Storage utility
- Creating a storage unit
- About storage unit settings
- Absolute pathname to directory or absolute pathname to volume setting for storage units
- Maximum concurrent jobs storage unit setting
- Staging backups
- Creating a basic disk staging storage unit
- Configuring storage unit groups
- Section IV. Configuring storage lifecycle policies (SLPs)
- Configuring storage lifecycle policies
- Storage operations
- Index From Snapshot operation in an SLP
- Snapshot operation in an SLP
- Retention types for SLP operations
- Capacity managed retention type for SLP operations
- Storage lifecycle policy options
- Using a storage lifecycle policy to create multiple copies
- Storage lifecycle policy versions
- Section V. Configuring backups
- Creating backup policies
- Planning for policies
- Policy Attributes tab
- Policy storage (policy attribute)
- Policy volume pool (policy attribute)
- Take checkpoints every __ minutes (policy attribute)
- Backup Network Drives (policy attribute)
- Cross mount points (policy attribute)
- Encryption (policy attribute)
- Collect true image restore information (policy attribute) with and without move detection
- Use Accelerator (policy attribute)
- Enable optimized backup of Windows deduplicated volumes
- Use Replication Director (policy attributes)
- Schedule Attributes tab
- Type of backup (schedule attribute)
- Frequency (schedule attribute)
- Multiple copies (schedule attribute)
- Retention (schedule attribute)
- Media multiplexing (schedule attribute)
- Start Window tab
- Include Dates tab
- How open schedules affect calendar-based and frequency-based schedules
- About the Clients tab
- Backup Selections tab
- Adding backup selections to a policy
- Verifying the Backup Selections list
- Pathname rules for UNIX client backups
- About the directives on the Backup Selections list
- ALL_LOCAL_DRIVES directive
- Files that are excluded from backups by default
- Disaster Recovery tab
- Active Directory granular backups and recovery
- Synthetic backups
- Using the multiple copy synthetic backups method
- Protecting the NetBackup catalog
- Parts of the NetBackup catalog
- Protecting the NetBackup catalog
- Archiving the catalog and restoring from the catalog archive
- Estimating catalog space requirements
- About the NetBackup relational database
- About the NetBackup relational database (NBDB) installation
- Using the NetBackup Database Administration utility on Windows
- Using the NetBackup Database Administration utility on UNIX
- Post-installation tasks
- About backup and recovery procedures
- Managing backup images
- Creating backup policies
- Section VI. Configuring replication
- About NetBackup replication
- About NetBackup Auto Image Replication
- Viewing the replication topology for Auto Image Replication
- About the storage lifecycle policies required for Auto Image Replication
- Removing or replacing replication relationships in an Auto Image Replication configuration
- About NetBackup replication
- Section VII. Monitoring and reporting
- Monitoring NetBackup activity
- About the Jobs tab
- About the Daemons tab
- About the Processes tab
- About the Drives tab
- About the jobs database
- About pending requests and actions
- Reporting in NetBackup
- Using the Logging Assistant
- Monitoring NetBackup activity
- Section VIII. Administering NetBackup
- Management topics
- Accessing a remote server
- Using the NetBackup Remote Administration Console
- Run-time configuration options for the NetBackup Administration Console
- About improving NetBackup performance
- About adjusting time zones in the NetBackup Administration console
- Alternate server restores
- About performing alternate server restores
- Managing client backups and restores
- About client-redirected restores
- Powering down and rebooting NetBackup servers
- About Granular Recovery Technology
- About configuring Services for Network File System (NFS) on Windows 2012, 2012 R2, or 2016
- About configuring Services for Network File System (NFS) on Windows 2008 and 2008 R2
Adding a trusted master server
You can configure a trust relationship between multiple NetBackup domains. To do so, in the source domain and the target domain you must add a trust relationship.
A trust relationship between domains helps with replication operations.
See About trusted master servers for Auto Image Replication.
Perform the following steps on both the source and the target server.
Identify the NetBackup versions that are installed on the source and the target servers.
Obtain the authorization tokens of the remote server.
Use the bpnbat command to log in and nbcertcmd to get the authorization tokens.
To perform this task, see the NetBackup Commands Reference Guide.
Obtain the fingerprints for the remote server.
To obtain the SHA1 fingerprint of root certificate, use the nbcertcmd -displayCACertDetail command.
To perform this task, see the NetBackup Commands Reference Guide.
Ensure that you have one of the following permissions:
System administrator permissions with root permissions for UNIX and administrator permissions for Windows and a NetbackupCLI user for a 3.1 NetBackup appliance.
Access to NetBackup Administrator console, where you have <username> ADMIN=ALL permissions through
auth.conf
.Enhanced audit user permissions through
authalias.conf
.
For more information, see the NetBackup Security and Encryption Guide.
If NBAC is enabled, ensure that both the target and the source master server have the same NBAC configuration.
If the either the source or the target server master server is on version 8.0 or earlier, ensure that the Enable insecure communication with NetBackup 8.0 and earlier hosts option on tab is selected.
To add a trusted master server
- In the NetBackup Administration Console, expand NetBackup Management > Host Properties > Master Servers in the left pane.
- In the right pane, select the master server.
- On the Actions menu, click Properties.
- In the properties dialog box left pane, select Servers.
- In the Servers dialog box, select the Trusted Master Servers tab.
- On the Trusted Master Servers tab, click Add.
The Add Trusted Master Server dialog box appears.
- In the Add Trusted Master Server dialog box, enter the fully-qualified host name of the remote master server.
- Click Validate Certificate Authority.
Depending on the NetBackup version of the target server, the next screens are displayed.
The following is an example of the dialog box:
- If the target server is on version 8.0 or earlier:
In the Add Trusted Master Server dialog box, enter the Username and Password of the remote master server host.
Skip steps 10 through 12.
The following is an example of the dialog box:
- If both the source and the target server are on version 8.1 or later:
In the Validate Certificate Authority dialog box, verify if the CA certificate fingerprint of the remote server is correct.
- To proceed, click Yes.
Or
If the fingerprints don't match, click No.
Contact the remote server admin to provide the correct fingerprints.
- In the Add Trusted Master Server dialog box, enter the trusted master server details.
Select Specify Authentication Token of the trusted master server and enter the token details of the remote master server.
Note:
To view the token you have entered, select Show Token.
Or
Select Specify credentials of the trusted master server and enter the user name and password.
To establish trust with a 3.1 NetBackup master appliance, use the NetbackupCLI credentials.
Note:
Veritas recommends using an authentication token to connect to the remote master server. An authentication token provides restricted access and allows secure communication between both the hosts. The use of user credentials (user name and password) may present a possible security breach.
The following is an example of the dialog box:
- Click OK.
- Perform the same procedure on the remote master server of the master server you have added above.
Skip this step if the target server is on version 8.0 or earlier.
Note:
You will not be able to fetch the host properties of a trusted master server from Host Properties > Client lists.